- Australia
- Austria
- Belgium
- Bulgaria
- Canada
- China
- Cyprus
- Czech Republic
- Denmark
- Estonia
- Finland
- France
- Germany
- Hungary
- Ireland
- Italy
- Latvia
- Liechtenstein
- Lithuania
- Luxembourg
- Malta
- Netherlands
- Norway
- Poland
- Portugal
- Romania
- Slovakia
- Slovenia
- Spain
- Sweden
- United Kingdom
- United States
Save PayPal with the Orders API
CurrentLast updated: November 7th 2023, @ 9:47:43 am
After customers save their PayPal Wallet, they can select it for faster checkout. Customers won't have to enter payment details for future transactions.
You can use the Orders API to create a transaction and then save the payer's PayPal Wallet.
Save PayPal with the Orders API if you haven't integrated with a PayPal client-side JavaScript SDK, but want to save the payer's PayPal Wallet during checkout.
Availability
Know before you code
- The Orders API supports saving PayPal and card payment methods only.
- You must be approved to enable a reference transaction if you want to save PayPal as a payment source. Contact your account manager for details.
How it works
When a payer on your website saves their payment method, PayPal creates a customer record. PayPal then encrypts the payment method information and stores it in a digital vault. The vault is accessible only by the billing agreement holder.
- The payer saves their payment method.
- For a first-time payer, PayPal creates a customer ID. Store this within your system for future use.
- Pass a call into the Orders API. Include the payment method, customer ID, and an indication that the payment method should be saved.
- If the order is processed and the payment method is saved, you receive a payment method token in the Orders API response.
- Pass the payment method token into the Orders API to populate the checkout page with the saved payment method.
The checkout process is now shorter because it uses saved payment information.
Server side
Set up your server to call the Create Order API. The button that the payer selects determines the payment_source sent in the following sample. In the following sample, the payment_source is PayPal. The vault parameters in the request saves the payment_source for future use by the payer.
The merchant_customer_id is an optional field that can be used to store your customer identifier information in PayPal. After a successful payment capture, the API response will return the merchant_customer_id information.
- Platform
- Merchant
Request to create order and save PayPal
1curl -v -X POST https://api-m.sandbox.paypal.com/v2/checkout/orders/ \2 -H "Content-Type: application/json" \3 -H "Authorization: Bearer ACCESS-TOKEN" \4 -H 'PayPal-Partner-Attribution-ID: BN-CODE' \5 -H "PayPal-Request-ID: 1337623214" \6 -d '{7 "intent": "CAPTURE",8 "payment_source": {9 "paypal": {10 "attributes": {11 "customer": {12 "merchant_customer_id": "customer@example.com"13 },14 "vault": {15 "store_in_vault": "ON_SUCCESS",16 "usage_type": "PLATFORM"17 }18 },19 "experience_context": {20 "return_url": "https://example.com/returnUrl",21 "cancel_url": "https://example.com/cancelUrl"22 }23 }24 },25 "purchase_units": [{26 "amount": {27 "currency_code": "USD",28 "value": "100.00"29 },30 "payee": {31 "merchant_id": "MERCHANT-ID"32 }33 }]34 }'
Response
Note the status of the response. Some payment sources need payer approval before payment. If so, return the id back to your client to redirect the payer to a flow where they approve the payment method.
1{2 "id": "46299262185816041",3 "status": "PAYER_ACTION_REQUIRED",4 "payment_source": {5 "paypal": {}6 },7 "links": [{8 "href": "https://api-m.sandbox.paypal.com/v2/checkout/orders/46299262185816041",9 "rel": "self",10 "method": "GET",11 },12 {13 "href": "https://www.sandbox.paypal.com/checkoutnow?token=46299262185816041",14 "rel": "approve",15 "method": "GET",16 }17 ]18}
Payer approval
Call the payer approval flow by redirecting to the "approve" URL.
Authorize or capture order
After the payer approves, your server should call the following APIs:
- Capture Order API if the
intentpassed wasCAPTURE. - Authorize Order API if the
intentpassed wasAUTHORIZE.
Authorize order request
- Platform
- Merchant
1curl -v -X POST https://api-m.sandbox.paypal.com/v2/checkout/orders/5O190127TN364715T/authorize \2 -H "Content-Type: application/json" \3 -H "PayPal-Request-ID: 1337623214" \4 -H "Authorization: Bearer ACCESS-TOKEN" \5 -H 'PayPal-Partner-Attribution-ID: BN-CODE' \6 -d '{}'
Capture order request
- Platform
- Merchant
1curl -v -X POST https://api-m.sandbox.paypal.com/v2/checkout/orders/5O190127TN364715T/capture \2 -H "Content-Type: application/json" \3 -H "PayPal-Request-ID: 1337623214" \4 -H "Authorization: Bearer ACCESS-TOKEN" \5 -H 'PayPal-Partner-Attribution-ID: BN-CODE' \6 -d '{}'
Capture order response
The HTTP response codes HTTP 2xx or HTTP 200 are returned for a successful request.
The capture is successful if the purchase_units[0].payments.captures.status is COMPLETED. You can confirm with the payer that the payment has been captured.
1{2 {3 "id": "9YF83379T2523751N",4 "status": "COMPLETED",5 "payment_source": {6 "paypal": {7 "email_address": "email@example.com",8 "account_id": "AJM9JTWQJCFTA",9 "name": {10 "given_name": "Firstname",11 "surname": "Lastname"12 },13 "address": {14 "country_code": "US"15 },16 "attributes": {17 "vault": {18 "id": "nkq2y9g",19 "customer": {20 "id": "ROaPMoZUaV",21 "merchant_customer_id": "customer@example.com"22 },23 "status": "VAULTED",24 "links": [{25 "href": "https://api-m.sandbox.paypal.com/v3/vault/payment-tokens/64n9c42",26 "rel": "self",27 "method": "GET"28 },29 {30 "href": "https://api-m.sandbox.paypal.com/v3/vault/payment-tokens/64n9c42",31 "rel": "delete",32 "method": "DELETE"33 },34 {35 "href": "https://api-m.sandbox.paypal.com/v2/checkout/orders/9YF83379T2523751N",36 "rel": "up",37 "method": "GET"38 }39 ]40 }41 }42 }43 },44 "purchase_units": [{45 "reference_id": "default",46 "shipping": {47 "name": {48 "full_name": "Firstname Lastname"49 },50 "address": {51 "address_line_1": "1 Main St",52 "admin_area_2": "San Jose",53 "admin_area_1": "CA",54 "postal_code": "95131",55 "country_code": "US"56 }57 },58 "payments": {59 "captures": [{60 "id": "9LY87817BF120310A",61 "status": "COMPLETED",62 "amount": {63 "currency_code": "USD",64 "value": "100.00"65 },66 "final_capture": true,67 "seller_protection": {68 "status": "ELIGIBLE",69 "dispute_categories": [70 "ITEM_NOT_RECEIVED",71 "UNAUTHORIZED_TRANSACTION"72 ]73 },74 "seller_receivable_breakdown": {75 "gross_amount": {76 "currency_code": "USD",77 "value": "100.00"78 },79 "paypal_fee": {80 "currency_code": "USD",81 "value": "3.98"82 },83 "net_amount": {84 "currency_code": "USD",85 "value": "96.02"86 }87 },88 "links": [{89 "href": "https://api-m.sandbox.paypal.com/v2/payments/captures/9LY87817BF120310A",90 "rel": "self",91 "method": "GET"92 },93 {94 "href": "https://api-m.sandbox.paypal.com/v2/payments/captures/9LY87817BF120310A/refund",95 "rel": "refund",96 "method": "POST"97 },98 {99 "href": "https://api-m.sandbox.paypal.com/v2/checkout/orders/9YF83379T2523751N",100 "rel": "up",101 "method": "GET"102 }103 ],104 "create_time": "2022-08-12T18:16:42Z",105 "update_time": "2022-08-12T18:16:42Z"106 }]107 }108 }],109 "payer": {110 "name": {111 "given_name": "Firstname",112 "surname": "Lastname"113 },114 "email_address": "email@example.com",115 "payer_id": "AJM9JTWQJCFTA",116 "address": {117 "country_code": "US"118 }119 },120 "links": [{121 "href": "https://api-m.sandbox.paypal.com/v2/checkout/orders/9YF83379T2523751N",122 "rel": "self",123 "method": "GET"124 }]125 }
In the response from the Authorize or Capture request, the Orders v2 API interacts with the Vault v3 API. The Vault v3 API allows a PayPal Wallet to be saved. The response from the Orders v2 API contains the:
vault.id.vault.status.- links for the payment token of a recently vaulted PayPal Wallet.
Check Orders API response
Saving a payment source doesn't require the payer to be present after the payment has been authorized or captured. To keep checkout times as short as possible for payers, the Orders API returns a response as soon as a payment is captured.
Payment may be authorized or captured and a successful response returned from the Orders API without the provided payment_source being saved. In this scenario, the response returns the attributes.vault.status as "APPROVED", instead of "VAULTED".
An example of the attributes object from this scenario is included in the following sample:
1"attributes": {2 "vault": {3 "status": "APPROVED",4 "links": [5 {6 "href": "https://api-m.sandbox.paypal.com/v2/checkout/orders/5O190127TN364715T",7 "rel": "up",8 "method": "GET"9 }10 ]11 }12 }
Webhooks for saving payment methods
You can configure and subscribe to the VAULT.PAYMENT-TOKEN.CREATED webhook, which is generated when saving payment methods with the Orders API.
You'll receive a vault_id when an APPROVED status is returned.
| Event | Trigger | Payment methods |
|---|---|---|
VAULT.PAYMENT-TOKEN.CREATED | A payment token is created to save a payment method. | Cards and PayPal |
VAULT.PAYMENT-TOKEN.DELETED | A payment token is deleted. The payer's payment method is no longer saved to the PayPal vault. | Cards and PayPal |
VAULT.PAYMENT-TOKEN.DELETION-INITIATED | A request to delete a payment token has been submitted to the Payment Method Tokens API. | PayPal |
For more information on webhooks, see webhooks.
Next step
Follow Use payment method token with checkout for subsequent or recurring transactions.